The majority of the flaws pertained to the Java Runtime Environment and could be exploited over a network without authentication.

Eight of the vulnerabilities were given a 10 base score under the Common Vulnerability Scoring System, according to Oracle.

"Out of these 21 vulnerabilities, 13 affect Java client deployments. Twelve of these 13 vulnerabilities can be exploited through untrusted Java web start applications and untrusted Java applets, which run in the Java sandbox with limited privileges. One of these 13 vulnerabilities can be exploited by running a standalone application," Oracle security blogger Eric Maurice said.

Two workarounds Oracle proposed were restricting network protocols that could be used in an attack, and restricting unprivileged access for attacks that require privileges.

All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.Your use of this website
constitutes acceptance of nextmedia's Privacy Policy and
Terms & Conditions.